Investigations of cyber-attacks conducted by the US Department of Homeland Security almost doubled in the year ended September 30, the government agency said in a recent report.
The Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team, or ICS-CERT, responded to 295 reported incidents in the US involving critical infrastructure in fiscal 2015, up 20 percent from the previous fiscal year.
The agency said that the Critical Manufacturing sector had 97 reported incidents, representing 33 percent of the reported incidents for the fiscal year. This increase over previous years in the Critical Manufacturing sector is primarily related to a wide spread spear-phishing campaign that primarily targeted critical manufacturing companies along with limited targets in other sectors.
Source: Industrial Control Systems Cyber Security Emergency Response Team (ICS-CERT)
The Energy Sector had the second most incidents with 46, and the Water and Wastewater Systems Sector was third with 25.
The report didn’t provide details on who the perpetrators of the cyber-attacks were.
According to Reuters, experts say that the attacks could be caused by unintentional infections of criminal malware or the result of nations gathering data to prepare for a destructive attack.
The report was published following a warning by Marty Edwards, who runs the Department of Homeland Security’s ICS-CERT. He said: “We see more and more that are gaining access to that control system layer,”
Edwards believes that the rising number of cyber-attacks is due to more control systems being directly connect to the Internet.
Edwards said in an on-stage interview: “I am very dismayed at the accessibility of some of these networks… they are just hanging right off the tubes,”